Principal Cybersecurity Engineer / Jr Cybersecurity Architect [multiple locations across USA]

Role: Principal Cybersecurity Engineer / Jr Cybersecurity Architect

Location: Bellevue, WA; Overland Park, KS; Frisco, TX; Ravinia, GA; Herndon, VA (3 days a week onsite from Day 1)

Job Type: Contract

Mandatory Areas:

Must Have Skills:

• Cyber Security: 10 Years
• Java, frameworks, python, Nodejs: 5 Years
• Threat Modelling like STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC: 5 Years
• SSL: 8 Years
• Firewall policy design: 5 Years
• Vulnerability analysis & mitigation: 5 Years
• Understanding load balancers (ex A10, F5), firewalls (ex CheckPoint), Venafi, MDM (ex - Mobile Iron), Cloud (ex - AWS, Azure), Malware Protection (ex -FireEye), Advanced Persistent Threats (ex - Damballa), Privileged Accounts (ex CyberArk), SIEM (ex ArcSight), Log & Event (ex Splunk), Intrusion IDS/IPS (ex Symantec): 5 Years
• Cloud Platform (ex PCF, Docker), Scanning (ex Qualys), AppSec (ex - Veracode): 5 Years

Job Description:

• Ensure that client s software, systems, and infrastructure are designed and implemented to the highest security standards.
• Performs technical security assessments, code reviews and vulnerability testing to highlight risk and remediate associated findings while helping client teams and partners improve security.
• This position serves as a subject matter expert which drives vision and results to enhance security posture within mobile device, IoT device, enterprise line of business applications, cloud, big data, and core and carrier network technologies as well as and other business units as needed as well as act as a Principal security advisor to cross-functional teams for the successful delivery of projects or services to enterprise customers.

Responsibilities and Experience:

• Leads information security review of new technologies, designs, and remediation planning efforts.
• Collaborates with Engineering & Operations Teams to address security vulnerabilities found via PSIRTs, scans or breaches.
• Investigates and/or leads identifying security needs & recommends plans/resolutions. Implements, tests & monitors info security improvements.
• Significant experience with the analysis of underlying technologies that form the solution necessary for the application of threat identification, analysis, and thread model design. The threat model depicts trust boundary, threat agent(s), threat vector(s), and safeguard(s) necessary to protect person, asset, data, and brand.
• Mobile Application threat model, Cyber Threat Tree, and data flow diagram.
• Advanced understanding of IP/Security solutions & technologies applicable to the Wireless Network Architecture.
• Advance knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP).
• Knowledge of federal & compliance regulations e.g., SOX, PCI & CPNI.
• Working knowledge of web application development, RESTful APIs, and skills in Java, frameworks, python, Nodejs.
• Experience with mobile applications, and handset security.